Privacy Policy

Last updated: 07 Jan 2026

We Future Living Company (the "Company", "we", "us"), operate the "Eazli" platform and related services (the "Platform"). We respect your privacy and are committed to protecting your Personal Data in accordance with the Saudi Personal Data Protection Law (PDPL), its Implementing Regulations, and SDAIA/NDMO guidance. This Privacy Policy explains how we collect, use, share, retain, and protect your Personal Data when you use the Platform.

The Platform may include links or integrations with third parties (e.g., payment gateways or logistics providers). We do not control their privacy practices; please review their notices.

1. WE DO NOT COLLECT CHILDREN'S DATA

The Platform is not intended for individuals who have not reached the age of majority under applicable laws. If you are a parent/guardian and believe we collected a child's data, please contact us under Clause (11) so we can take appropriate action.

2. WHAT PERSONAL DATA DO WE COLLECT FROM AND/OR ABOUT YOU?

We collect and process the minimum Personal Data necessary to provide and improve the Platform. Depending on your interaction, we may collect:

• Identity data includes details such as your first name, last name, username or similar identifier, gender, title, nationality and date of birth/ birthday.
• Contact data comprises your address, email address, and telephone number.
• Transaction data involves information about payments made to and by you including but not limiting to your payment methods, as well as details about products and services you have purchased from us.
• Technical data encompasses your IP address, login data, browser type and version, operating system, mobile application version, time zone settings and (approximate) location, device type, IDFA (in case of iOS users), as well as information about your general internet usage (e.g. by using technology that stores information on or gains access to your device, such as cookies, tracking pixels, web beacons, etc. and other technology used to access our website). We use location information (where enabled) to provide location-based features (such as delivery availability and address defaults), to set service defaults (such as time zone), and to help prevent fraud and keep the Platform secure.
• Profile data includes your username and password, your interests, preferences, feedback, your preferred language and survey responses.
• Content you submit includes any content you choose to provide through the Platform, such as messages, reviews, feedback, images, files, and other user-generated content. Please see our AI & DATA Usage Policy for additional information.
• Purchase data includes all the past orders and purchases you have made from the same user account, redemption information, fulfillment information and page-view information from the service providers that enable branding, fulfillment, and other operations on the Platforms.
• Browser data relates to how you interact with our website, products, and services.
• Marketing and Communications data covers your preferences for receiving marketing materials from us and third parties, as well as your communication preferences.

Additionally, we collect, use, and share statistical or demographic information ("Aggregated Data"). Aggregated Data is data derived from your Personal Data but has been amended to remove personal identifiers and does not directly or indirectly reveal your identity. For example, we might aggregate Personal Data collected from the browser to determine the percentage of users accessing a particular website feature.

Sources of collection:

• Directly: when you create an account, place an order, contact support, submitting reviews, feedback or shipping details.
• Indirectly: from logistics providers, payment service providers, marketing partners (within your consent), or someone purchasing on your behalf.
• Automatically: via system logs, cookies, and similar identifiers when you use the Platform.

Cookies: We use cookies and similar technologies to remember preferences, enhance user experience, and measure performance. You can manage cookies through your browser/device settings. Disabling cookies may affect functionality.

Where certain data is required for a service (e.g., shipping details), not providing it may prevent us from fulfilling the service. We will indicate what is mandatory and the consequences.

3. WHAT PURPOSES DO WE COLLECT YOUR PERSONAL DATA FOR?

We collect and use your Personal Data for the following purposes:

• To create and manage your account and provide Platform services.
• To process orders, payments, shipping, delivery, and after-sales support (returns/exchanges/warranty).
• To manufacture/prepare products that require measurements (where applicable).
• To communicate with you about orders, updates, notices, and customer support.
• To improve user experience, analyze performance, develop features, and fix issues.
• To comply with legal/regulatory obligations (e.g., invoicing/tax, lawful requests).
• To prevent fraud, misuse, and protect the Platform and users.
• To send marketing and promotional messages where you have consented, with an easy opt-out mechanism.
• To conduct market research, competitions and promotions where participation is optional.
• For any other reasons which we deem necessary to enhance your experience of the Platforms.

4. HOW WE USE YOUR PERSONAL DATA? (LEGAL BASIS)

We process your Personal Data only where we have a lawful basis under applicable laws, including:

• Performance of a contract (or steps prior to entering into a contract): to fulfill orders and provide services.
• Legal or regulatory obligation: to meet record-keeping, tax, and other legal requirements.
• Legitimate interests: to improve services, prevent fraud, and secure the Platform, provided such interests do not override your rights and do not involve sensitive data except as permitted by law.
• Your consent: especially for direct marketing, and for certain types of sensitive data where required. We may also use your Personal Data to provide you with information about goods and services which may be of interest to you and enhance your Platforms experience by way of service messages, new features, enhancements, special offers and events of interest. We may contact you via various channels, including without limitation emails, push notifications, web notifications, post, telephone, in-app messages, WhatsApp messages and news feed cards. We offer you the choice to receive these interest-based ads from us. You can choose not to receive these ads by contacting us on details mentioned in Clause 11 of this Privacy Policy and/or by clicking the "UNSUBSCRIBE" button in the mail or in any marketing communications sent by us.

Sensitive data: If processing involves data that may be considered sensitive, we will seek explicit consent or rely on another valid lawful basis and apply enhanced safeguards.

Automated decisions: We may use automated systems, including AI-based tools, to personalize your experience (for example, recommending products or content and ordering search results). We do not make decisions with significant effects solely by automated processing unless legally permitted and with required safeguards (where applicable).

Withdrawing consent: You may withdraw consent at any time. You can do this by updating your preferences in your account settings (for example, marketing opt-outs), adjusting your device permissions (for example, location access), or contacting us at Legal@eazli.com. Withdrawal does not affect prior lawful processing, and we may continue processing where another lawful basis applies.

5. WHO DO WE SHARE YOUR PERSONAL DATA WITH?

Your Personal Data is important to us to provide you with our Services, and we are not in the business of selling your Personal Data to others. We share it, where necessary, with:

• Other Businesses. To offer you our Services, we may engage with other businesses who are affiliates of us and/or non-affiliated service providers (e.g. logistics businesses used to deliver products, marketing companies, payments processors to process online transactions, analyzing data etc.) and share your Personal Data with such businesses. We may involve other businesses in your transactions, who may store your Personal Data in a digital wallet to make your use of our Services more efficient. You understand that it is important that such businesses have access to the relevant Personal Data to perform their functions. We will ensure that these businesses do not use your Personal Data for other purposes. We may also receive Personal Data from these businesses (e.g. updated delivery and address information), which we may use (e.g. to correct our records and deliver your next purchase). These businesses shall be contractually bound to respect the confidentiality of your Personal Data and not use it for any other purposes.
• Third Parties. We may share your Personal Data with any third parties for the purposes set out in clause 5 above. However, we ensure that all the businesses follow practices at least as protective as those described in this Privacy Policy. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
• Business Transfers. As our business evolves, we may engage in buying or selling other businesses or services. In these transactions, customer Personal Data is typically included among the transferred assets but will continue to be protected under any existing Privacy Policy (unless, of course, the customer does not consent). In an event wherein we are acquired or if a substantial portion of our assets are acquired, customer Personal Data will be included as part of the assets being transferred.
• Protection of the Platforms and Others. We release Personal Data of users when we believe such a release is appropriate to comply with the law, law enforcement investigations and to protect the rights, property or safety of ourselves, our users or others. This includes exchanging Personal Data with other companies and organizations for various reasons, such as fraud protection and credit risk reduction.

We contractually require processors to act on our instructions, implement appropriate safeguards, and use Personal Data only for specified purposes.

6. HOW DO WE STORE AND HOW LONG DO WE STORE YOUR PERSONAL DATA?

We will store and retain your Personal Data only for the period necessary to achieve the purposes for which it was collected, and no longer than needed, unless the nature of the purpose lawfully changes or expands, in which case the retention period may be extended or shortened as required and in accordance with applicable laws and regulations.

In addition to the purposes for which we collect your Personal Data, we may also store and retain it to:

• preserve the integrity and security of our databases and systems,
• carry out on-going Services on your behalf and complete account-related operations,
• conduct research, analytics and statistics and improve our services, and
• ensure compliance with applicable laws and regulatory requirements.

Following an account deletion request (where warranted in accordance with the data subject rights referred to below): we will, as applicable, erase, remove from active use, or archive the Personal Data of the individual to which the request relates, unless we are required to retain it due to legal or regulatory requirements, for safety, security, and fraud prevention, or because of an issue relating to your account such as an outstanding credit or an unresolved claim or dispute.

Deletion/Anonymization: When no longer needed, we will securely delete Personal Data or anonymize it so it can no longer be linked to you, using appropriate technical and organizational measures. Where data has been anonymized in a manner that prevents re-identification, we may use such information indefinitely for analytics, statistics, and service improvement purposes without further notice, as it will no longer constitute Personal Data.

International transfers:

To facilitate the provision of our Services to you, it may sometimes be necessary for us to transfer or share your Personal Data with service providers, operational partners, or affiliates/group entities located outside the Kingdom of Saudi Arabia. Such transfers may be required for reasons including, without limitation, IT infrastructure, platform operation and management, payment processing, customer support, fraud prevention, and improving your user experience.

Whenever we transfer your Personal Data outside the Kingdom of Saudi Arabia, we ensure that such transfers are made in accordance with this Privacy Policy and in compliance with applicable Saudi laws and regulations, while maintaining—where possible—an equivalent level of protection to that required within KSA, and limiting the transfer to the minimum amount of Personal Data necessary for the lawful purpose.

7. WHAT SECURITY MEASURES DO WE APPLY?

We implement organizational, administrative, and technical measures to protect your Personal Data, including:

• Implement necessary security and technical measures to limit risks related to Personal Data breaches.
• Adopt recognized best practices and cybersecurity standards, such as those issued by the National Cybersecurity Authority (NCA) and any other relevant competent authority.
• Apply necessary measures to protect Personal Data during its storage, sharing, and transfer, including cross-border transfers where applicable.

It is important for you to protect yourself against unauthorized access to your password and to your devices used to access our Services. You are responsible for keeping your password confidential (for example, ensure that you sign off when you have finished using a shared device). Although we will do our best to protect your Personal Data, unfortunately, the transmission of information via the internet is not completely secure.

8. Personal Data Breach Notification

If a personal data breach occurs that may cause harm or prejudice to your rights or interests, we will notify the Competent Authority within a period not exceeding 72 hours from becoming aware of the incident where required, and we will notify affected data subjects without undue delay in accordance with applicable legal requirements, using clear and understandable language.

9. WHAT ARE YOUR DATA SUBJECT RIGHTS?

Under the PDPL, you may have the following rights (as applicable):

• Right to be informed: understand how and why we process your data and who we share it with.
• Right of access and to obtain a copy of your Personal Data (subject to legal controls).
• Right to request correction, completion, or updating of your Personal Data.
• Right to request destruction/deletion when no longer needed or upon withdrawal of consent, unless retention is legally required.
• Right to withdraw consent at any time for processing based on consent.
• Right to submit a complaint to the competent authority if your request is not handled in accordance with the law.

How to exercise rights: submit a request via Legal@eazli.com or through your account settings. We may request information to verify your identity. We will respond within the statutory timelines (generally within 30 days unless the law provides otherwise). This period may be extended by a further 30 days due to complexity or volume, and we will notify you of the extension and reasons. We may refuse a request where legally permitted; we will explain the reasons.

10. HOW DO WE CHANGE OUR PRIVACY POLICY?

We may update this Policy from time to time. The updated version will be posted on the Platform and become effective on posting or on the stated effective date. Your continued use of the Platform after an update indicates you have reviewed and accepted the changes.

11. CONTACT US

If you have any concerns about your Personal Data on the Platforms, please contact us by sending an email at Legal@eazli.com with a thorough description of your query or request.